"When we evaluated Virtru, we took into account what we need now, and what we'll need in the future. We felt confident that Virtru would be able to scale with us. I haven't found one use case that it wouldn't solve for in our industry."
Daniel Brundige
VP of Information Technology
Bennie, a rapidly growing healthcare benefits company, manages highly sensitive healthcare data while maintaining strict HIPAA compliance standards. As a tech-savvy organization with security maturity beyond its seven years in business, Bennie required robust encryption solutions that would protect sensitive information without creating friction for users or external partners.
Daniel Brundige, Vice President of Information Technology at Bennie, led the search for a secure communication platform that would meet their stringent requirements while scaling with their growth.
With Virtru, Bennie now achieves:
Automated email encryption that catches and encrypts sensitive information, addressing human error and strengthening HIPAA compliance — going beyond TLS for true security.
Easy Zendesk security for customer support teams, who can now securely exchange sensitive healthcare information directly from Zendesk, without disrupting their workflows.
Intuitive user experience for healthcare partners using Microsoft and Google, including large insurance carriers. Virtru doesn’t require users to create any new accounts or passwords.
Bennie's search for a better security solution began after experiencing limitations with their previous platform, Zix. "Probably the biggest frustration we had was the end-user-friendliness of it, and the inability to easily integrate into Zendesk," Brundige said.
"We were referred to Virtru by two different people," he continued. "One was our reseller at the time for Google. They were like, ‘you’ve gotta check them out.’ And also through conversations with different [healthcare technology] groups I'm in, they recommended Virtru as well."
The healthcare space presents unique challenges: Bennie uses Google Workspace, and many industry partners have Microsoft environments. With other encryption providers, this can create compatibility issues. Brundige has also found that many Microsoft-centric encryption solutions, such as Cisco, can be overly complex and problematic in their implementations.
"In the world of healthcare, you constantly communicate with Cigna or United Healthcare, or some kind of very large carrier or big partner," noted Brundige. "It’s always ticketing-to-ticketing, or user-to-ticketing. And that solution of sending secure email to a platform like that, and then for recipients to be able to log in, there weren't really a lot of good workarounds for that [with Zix/AppRiver]."
After evaluating their options, Virtru stood out. "We looked at the platform and it just felt right, looked right, and it worked well," said Brundige. Virtru’s integrations with Google Workspace and Zendesk were particularly appealing.
Bennie implemented two Virtru solutions: The Virtru Gateway for automated email protection and Virtru Secure Share for file sharing, particularly for customer support workflows in Zendesk. This multi-layered approach provides comprehensive protection for multiple business functions, while maintaining ease of use for everyone.
"The Gateway is there to constantly analyze, scan, and do its job to protect us, because humans make mistakes," said Brundige. This automated layer of security catches sensitive information even when users might miss it themselves.
For customer support workflows, the integration with Zendesk proved crucial. "Zendesk is not natively HIPAA compliant with email," Brundige points out. "A lot of people don't realize that." The Secure Share integration enables support teams to securely exchange sensitive information with customers. "We have a lot of that back-and-forth requesting and sending in Zendesk. There's lots of different variances in the world of healthcare. We want to do our best to protect our customers and their data."
“TLS is the bare minimum for most email communication,” says Brundige. “It should be enabled across the board for all email servers, but I wouldn’t trust it wholeheartedly.” Although Bennie forces TLS encryption in Gmail, they also layer in the Virtru Gateway as a safety net for stronger encryption and granular access control, which helps ensure that communications containing PHI remain HIPAA compliant.
Virtru is one of the technologies that enables Bennie to maintain "a very high sense of maturity and security stance" that Brundige says is unusual for a company of their age. "We have a security maturity of a much older company because of things we put in place. You don't see that in a startup at our age."
The solution particularly shines in its ability to handle the complexities of healthcare communications. When customers need to share sensitive information, Bennie staff can easily provide secure channels: "A lot of times it's, 'Hey, I've got something that I need to send you. It's very sensitive. How do I get it to you?' We have our users put their Secure Share URL in their signature for that reason."
For organizations considering similar solutions, Brundige advises looking ahead: "When we evaluated Virtru, we took into account what we need now, and what we'll need in the future. We felt confident that Virtru would be able to scale with us." This forward-thinking approach positions Bennie to maintain their strong security posture as they continue to grow in the healthcare space.
"I haven't found one use case that it wouldn't solve for in our industry," Brundige concludes. He encourages other security leaders in healthcare to "break the mold of what people have been doing for the last 20-30 years — because the last 20 or 30 years hasn’t always been so smooth in the world of technology and security."
/resource-%20virtru%20video%20for%20email/Screenshot%202024-01-29%20at%2011.01.11%20AM.png)
